Here’s how to install the CA certificate on multiple platforms for MITM.

For Linux you have to import certificates into individual browsers.  For Firefox, go to edit/preferences/advanced/certificates/view and import the cert under authorities. Check the box for “Identifies Websites.”  For Chrome, click settings, search for cert, and open ‘Manage Certificates.’  Click Authorities and Import.  Check the box for “Identifies Websites” if there is one.

What about things like curl, wget, apt-get, git, pip, etc?

Debian:

First, convert your pem file to crt.

openssl x509 -in certificate.pem -inform PEM -out certificate.crt

Then, create a dir, copy it over, and reconfigure ca-certificates settings.

sudo mkdir /usr/share/ca-certificates/extra
sudo cp certificate.crt /usr/share/ca-certificates/extra/certificate.crt
sudo dpkg-reconfigure ca-certificates

Select 'YES'
Then select the cert you just copied.

 

Windows:
The procedure is the same for Firefox, but Chrome and IE/Edge use the Windows certificate store.  To import the CA cert, right click it and select “Install Certificate.” Select “Local Machine”, click next and select “Place certificates in the following store.”  Browse to “Trusted Root Certificate Authorities” click next and finish.

To script this, you could run the following:

certutil -addstore "Root" "mitm.der"

 


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *